27 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-13796
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site. CVE-2018-13796...
RHEL 6 : mailman (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 - mailman:...
SUSE: Security Advisory (SUSE-SU-2019:13924-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2021-1326)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2021-1096)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : mailman Multiple Vulnerabilities (NS-SA-2020-0091)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has mailman packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site...
NewStart CGSL CORE 5.04 / MAIN 5.04 : mailman Multiple Vulnerabilities (NS-SA-2020-0061)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mailman packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site...
EulerOS 2.0 SP5 : mailman (EulerOS-SA-2020-2291)
According to the version of the mailman package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted...
Medium: mailman
Issue Overview: A cross-site scripting vulnerability XSS has been discovered in mailman due to the hostname field not being properly validated. A malicious list owner could use this flaw to create a specially crafted list and inject client-side scripts. CVE-2018-0618 An issue was discovered in GN...
Amazon Linux AMI : mailman (ALAS-2020-1395)
The version of mailman installed on the remote host is prior to 2.1.15-30.25. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1395 advisory. Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject...
Medium: mailman
Issue Overview: Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2018-0618 An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be...
Ubuntu 16.04 LTS / 18.04 LTS : Mailman vulnerabilities (USN-4348-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4348-1 advisory. It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this to issue execute arbitrary scripts or...
USN-4348-1: Mailman vulnerabilities
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this to issue execute arbitrary scripts or HTML. CVE-2018-0618 It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to display arbitrary text o...
openSUSE Security Update : mailman (openSUSE-2019-556)
This update for mailman fixes the following issues : Security issue fixed : - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI boo1101288. Bug fixes : - update to 2.1.29 : - Fixed the listinfo and admin overview pages that were broken - update...
Security fix for the ALT Linux 9 package mailman version 5:2.1.29-alt1
Jan. 6, 2019 Dmitry V. Levin 5:2.1.29-alt1 - 2.1.26 - 2.1.29 fixes: CVE-2018-0618, CVE-2018-13796. - Enhanced init script. - Added tmpfiles.d5 rules and a systemd unit file for mailman...
Fedora 28 : 3:mailman (2018-e071e178f8)
New version 2.1.29. Security fix for CVE-2018-13796 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
MGASA-2018-0383 Updated mailman packages fix security vulnerability
Updated mailman package fixes security vulnerability: It was discovered that mailman prior to 2.1.29 mishandled URLs in Utils.py:GetPathPieces which allowed attackers to display arbitrary text on trusted sites CVE-2018-13796...
Updated mailman packages fix security vulnerability
Updated mailman package fixes security vulnerability: It was discovered that mailman prior to 2.1.29 mishandled URLs in Utils.py:GetPathPieces which allowed attackers to display arbitrary text on trusted sites CVE-2018-13796...
Security update for mailman (moderate)
This update for mailman fixes the following issues: Security issue fixed: - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI boo1101288. Bug fixes: - update to 2.1.29: Fixed the listinfo and admin overview pages that were broken - update to...
Fedora Update for mailman FEDORA-2018-e071e178f8
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...